4 matches found
CVE-2019-19126
A vulnerability was discovered in glibc where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on x86_64 architectures. This allows an attacker to force the system to utilize only half of the memory, making the system think the software is 32-bit...
PT-2019-4758 · Python +2 · Pam-Python +2
Name of the Vulnerable Software and Affected Versions: pam-python versions prior to 1.0.7-1 Description: The issue is related to insecure privilege management in the pam-python PAM module, which allows an attacker to escalate privileges using a specially crafted binary file with the setuid flag...
kernel: exec/ptrace: get_dumpable() incorrect tests
A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive...
clearcase2.txt
Date: Tue, 9 Feb 1999 17:57:27 +0100 From: Oezguer Kesim To: [email protected] Subject: Re: L0pht Advisory - Rational Software ClearCase root exploitable race conditions Holla, things are even worse! You may want to remove the setuid flag from /usr/atria/etc/dbloader, but this won't fix the...